EGEE site administration made easy
advertisement
EGEE site administration made easy Bruno Oliveira, António Pina, Alberto Proença EGEE site I G E administration made easy Bruno Oliveira, António Pina, Alberto Proença EGEE roll a (almost) fully automatic system for installation of EGEE sites why? EGEE one simple recipe (for one serving) EGEE image used under Creative Commons from phrenologist EGEE computing element storage element bdii mon box worker nodes EGEE EGEE EGEE Certificate: Data: Version: 1 (0x0) Serial Number: 7829 (0x1e95) Signature Algorithm: md5WithRSAEncryption Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA/emailAddress=server-certs@thawte.com Validity Not Before: Jul 9 16:04:02 1998 GMT Not After : Jul 9 16:04:02 1999 GMT Subject: C=US, ST=Maryland, L=Pasadena, O=Brent Baccala, OU=FreeSoft, CN=www.freesoft.org/emailAddress=baccala@freesoft.org Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:b4:31:98:0a:c4:bc:62:c1:88:aa:dc:b0:c8:bb: 33:35:19:d5:0c:64:b9:3d:41:b2:96:fc:f3:31:e1: 66:36:d0:8e:56:12:44:ba:75:eb:e8:1c:9c:5b:66: 70:33:52:14:c9:ec:4f:91:51:70:39:de:53:85:17: 16:94:6e:ee:f4:d5:6f:d5:ca:b3:47:5e:1b:0c:7b: c5:cc:2b:6b:c1:90:c3:16:31:0d:bf:7a:c7:47:77: 8f:a0:21:c7:4c:d0:16:65:00:c1:0f:d7:b8:80:e3: d2:75:6b:c1:ea:9e:5c:5c:ea:7d:c1:a1:10:bc:b8: e8:35:1c:9e:27:52:7e:41:8f Exponent: 65537 (0x10001) Signature Algorithm: md5WithRSAEncryption 93:5f:8f:5f:c5:af:bf:0a:ab:a5:6d:fb:24:5f:b6:59:5d:9d: 92:2e:4a:1b:8b:ac:7d:99:17:5d:cd:19:f6:ad:ef:63:2f:92: ab:2f:4b:cf:0a:13:90:ee:2c:0e:43:03:be:f6:ea:8e:9c:67: d0:a2:40:03:f7:ef:6a:15:09:79:a9:46:ed:b7:16:1b:41:72: 0d:19:aa:ad:dd:9a:df:ab:97:50:65:f5:5e:85:a6:ef:19:d1: 5a:de:9d:ea:63:cd:cb:cc:6d:5d:01:85:b5:6d:c8:f3:d9:f7: 8f:0e:fc:ba:1f:34:e9:96:6e:6c:cf:f2:ef:9b:bf:de:b5:22: 68:9f EGEE EGEE EGEE preparation time: 1 week difficulty: why? one more excuse fast (and easy) installation by non-tech savvies, in a Civil Protection context what is the EGEE roll? rocks RHEL-based, cluster-oriented operating system rocks grab the installation disk install the FrontEnd cluster nodes are installed from the FrontEnd what kind of nodes will be installed? appliance appliance specifies the software and configuration of the cluster node appliance specifies which rolls to install what is a roll? roll software and configuration bundle roll RPM packages configuration files configuration scripts FrontEnd is installed with a set of rolls (OS, HPC, Torque, ...) ~ rolls also define which appliances will be available ~ appliances define the kind of cluster node rolls can be created by anyone EGEE roll appliances for each element provides site-info.def installs gLite middleware runs yaim EGEE (roll method) install FrontEnd with EGEE roll ~ provide site specific information (during installation) ~ provide certificates ~ install cluster nodes (through FrontEnd) EGEE (roll method) preparation time: 1 ~ 2 days difficulty: but this only concerns installation... administration EGEE site administration virtual organisations updates to gLite virtual organisations full reconfiguration is required virtual organisations change users.conf and groups.conf change site-info.def create vo configuration files copy these files to all nodes run yaim (according to each element) gLite updates may introduce changes to site-info.def may require reconfiguration gLite updates run yum change site-info.def copy this file to all nodes run yaim (according to each element) restart service(s) lather, rinse, repeat... wouldn’t be nice if we could do this in a single command? egeeCli main objective site administration from the FrontEnd’s command line how to merge in a single command all the processes involved? inspiration... rocks rocks provide a simple, unified user command for cluster administration rocks rocks <verb> <object> <subject> <parameters> syntax based in verbs e.g.: add, set, activate, list rocks rocks <verb> <object> <subject> <parameters> verbs are applied to objects e.g.: host, network rocks rocks <verb> <object> <subject> <parameters> subjects are properties of the object e.g.: interface, nas, tile # rocks list host interface wn0-0 SUBNET IFACE MAC IP NETMASK GATEWAY MODULE NAME private eth0 00:0c:29:c0:d6:e5 10.255.255.252 255.0.0.0 ------- pcnet32 worker-node-0-0 rocks dynamically expandable Python API new verbs, objects, subjects can be added “Object-oriented programming is an exceptionally bad idea which could only have originated in California” Edsger Dijkstra what to manage? site-info.def virtual organisations gLite middleware three new objects created siteinfo vo glite which verbs would be useful? site-info.def variable = value e.g.: MY_DOMAIN="cp.di.uminho.pt" site-info.def add, remove, set variables # egeecli add siteinfo variable INSTALL_ROOT “/opt” # egeecli set siteinfo variable RBHOST “rb02.lip.pt” site-info.def dump the file # egeecli add siteinfo variable INSTALL_ROOT “/opt” # egeecli set siteinfo variable RBHOST “rb02.lip.pt” # egeecli dump siteinfo > site-info.def site-info.def sync the file # egeecli add siteinfo variable INSTALL_ROOT “/opt” # egeecli set siteinfo variable RBHOST “rb02.lip.pt” # egeecli dump siteinfo > site-info.def # egeecli sync siteinfo site-info.def restore a previous file site-info.def Six verbs can be used add/remove set dump sync restore virtual organisations add, remove virtual organisations # egeecli add vo iber.vo.ibergrid.eu 100 10 10 virtual organisations disable/enable virtual organisation what about variables specific to virtual organisations? virtual organisations add, remove and set variables for virtual organisations # egeecli add vo variable swetest VOMSCADN ”/DC=es/DC=irisgrid /CN=IRISGridCA” # egeecli sync siteinfo site-info.def users.conf vo.d/* gLite gLite each element corresponds to a number of meta-packages e.g.: Computing Element: glite-TORQUE_server, lcg-CE gLite add, remove meta-packages version release date may require reconfiguration # egeecli add glite lcg-CE yes 3.1.35-0 20090831 gLite add, remove associations between physical machines and meta-packages # egeecli add glite machine ce lcg-CE # egeecli add glite machine ce gliteTORQUE_server image used under Creative Commons from mrpunto gLite sync the site # egeecli sync glite new configuration files generated ~ copy to all nodes ~ yum executed ~ yaim executed (according to configuration) where to get this? EGEE roll database comes pre-loaded with all information used to install the site how this was done supporting database secure shell 411 service what now? support for groups.conf gLite 3.2 EGI/NGI decide what to do with the extra time questions? thank you
